Sunday, September 2, 2012

Yet Another Rogue AV Application

Yet another fake antivirus/antimalware tool started making people’s lives miserable as August 2012 came to an end. The “Windows 8 Security System” claims to detect infections, and displays alerts to scare users into purchasing protection. The real infection, of course, is the “Windows 8 Security System” itself.

I have been asked to "clean" two computers during the past 2 weeks with this very infection and I can say it is very difficult to remove.

It appears that the evil developers of rogue antivirus software are playing up the connection to Windows 8, which Microsoft plans to release at the end of October. “Windows 8 Security System” is very similar to other fake AV products, all of which are extremely aggressive and hard to remove. In the case of this new one, a victim’s system gets infected with “Windows 8 Security System” after visiting an infected website. Sadly, it is easy to fall victim to rogue software like the new “Windows 8 Security System”, which extorts money from PC owners to “fix” their systems. McAfee Labs recommends disabling Java in your browsers and running your antimalware software with real-time protection enabled. You should also be careful when downloading files from torrents or clicking on email and chat links.

“Windows 8 Security System” will display countless fake alerts and messages and will show a scan window on each system boot. It will display lots of detections, though it is obvious these are fake.


All of these rogue malware applications make sure that your system is compromised and that you cannot easily detect and remove the infection.

“Windows 8 Security System” alerts at the taskbar look like this:


What to do? Sometimes restoring your PC to an earlier date works, sometimes it does not. You can also try booting into safe mode (with networking) and running your real AV application. If you do this, make sure to choose to scan your entire PC, not just the system files. If this still does not help, additional security services like SpyBot may help. Of course, if all of this does not work, backing up your personal files and completing a reformat will remove the virus. The point here is that all of these tasks will cost you a lot of either time or money. The best defense is to avoid these malicious applications by avoiding questionable websites, including torrent sites, and of course never clicking on attachments in email if you did not specifically request the file.
